Blog Archives

CCIE Security v5.0 Written and Lab Exam Content Updates

-+*The Cisco CCIE Security exam topics have been refreshed from v4.0 to v5.0. The new exam curriculum comprises six domains. The new segmentation into these six domains was done to improve the logical structure of the topics and to align

Posted in CCIE Security

CCIE Security Lab Equipment and Software v5.0

-+*Lab Equipment and Software Version The Lab exam tests features that can be configured on the equipment and the software versions indicated in the document below. The software versions listed below will be in the lab setup. However, the list

Posted in CCIE Security

Cisco Acs 4.2 Unkown User Policy And Windows AD Integration Authentication Example

-+*Introduction The below document will explain the cisco 802.1.x authentication concept including multi domain authentication host based authentication and mac address authentication bypass and more. Theory Behind 802.1.x authentication In its most basic the 802.1.x authentication is basically authenticating a

Posted in CCIE Security

Cisco Secure ACS Shell Profiles and Command sets, How to configure Shell Profiles and Command sets in ACS

-+*Cisco Secure ACS Shell Profiles and Command sets are the key terms related with AAA authorization. Cisco Secure ACSShell profiles and Command Sets are combined for user authorization at shell and also to authorize commands ate different privilege levels and

Posted in CCIE Security

Cisco IPSec Easy VPN Server Configuration Guide

-+*Introduction The Cisco Easy VPN server allows a remote user to connect the corporate network using an IPSec tunnel. Easy VPN servers can be deployed in a Cisco IOS router or an ASA appliance. To connect with the VPN server,

Posted in CCIE Security

CISCO VPN CLIENT CONFIGURATION – SETUP FOR IOS ROUTER

-+*Remote VPN access is an extremely popular service amongst Cisco routers and ASA Firewalls. The flexibility of having remote access to our corporate network and its resources literally from anywhere in the world, has proven extremely useful and in many

Posted in CCIE Security

Dynamic Multipoint VPN (DMVPN)

-+*DMVPN Operation A Dynamic Multipoint VPN is an evolved iteration of hub and spoke tunneling (note that DMVPN itself is not a protocol, but merely a design concept). A generic hub and spoke topology implements static tunnels (using GRE or

Posted in CCIE Security

DMVPN Explained

-+*DMVPN stands for Dynamic Multipoint VPN and it is an effective solution for dynamic secure overlay networks. In short, DMVPN is combination of the following technologies: 1) Multipoint GRE (mGRE) 2) Next-Hop Resolution Protocol (NHRP) 4) Dynamic Routing Protocol (EIGRP,

Posted in CCIE Security

Cisco Identity Services Engine – 2

-+*You can download Cisco ISE Software from the Cisco Software Center at the following link (90-day evaluation license) Training (You need to have Cisco PEC access) · ISE Lab Walk-Thru Series: Bootstrapping or here is a downloadable link · ISE

Posted in CCIE Security

How to build a basic Cisco Identity Services Engine ISE home lab

-+*I’ve posted about configuring Cisco Identity Services Engine ISE for a few use cases however have had requests to explain the steps to setup a basic lab. This post serves as a guide to get a basic ISE lab running to test

Posted in CCIE Security